In recent months, DeepSeek, an advanced AI large language model from China, has garnered significant attention as a strong contender to ChatGPT. Its sudden rise is attracting not only legitimate users and developers but also malicious actors and scammers. Per recent reports, scammers have begun deceiving individuals and organizations by employing different tactics and capitalizing on the public’s curiosity and lack of familiarity with the technology. Let’s understand in more detail how scammers are exploiting the DeepSeek hype.
Fake Websites
Researchers tracked thousands of look-alike domain names and fake websites (around 2,600 websites surfaced between December 1, 2024 and February 3, 2025) impersonating DeepSeek. Some websites such as deepseek-login[.]com, were aimed at stealing user credentials, while others tricked users into downloading malware (example: Fake Captcha). Certain fake websites, like the one claiming to offer a DeepSeek API ‘Plateform,’ [sic] are easily identifiable. But others, for example, credential phishing pages, are said to be well designed, making them harder to spot. Although the cybersecurity community has made considerable effort taking these mock sites down, dozens of new ones crop up weekly.
Fake Developer Tools
Threat actors uploaded two malicious Python packages—”deepseeek” and “deepseekai”—to the Python Package Index (PyPI), a widely used repository for Python software. These packages, masquerading as developer tools for DeepSeek, were designed to steal sensitive user and system data, including API keys, database credentials, and access tokens. The stolen information was exfiltrated to a command-and-control server using Pipedream, a legitimate automation platform. When these malicious packages were discovered, researchers reported them to PyPI, which then promptly removed them. However, by then, 222 developers, primarily from the U.S. and China, had already downloaded them.
Fake Social Media Accounts
DeepSeek has reported that it is battling a barrage of fake social media accounts. In a recent public statement, they stated discovering numerous fake accounts impersonating DeepSeek on social media, spreading misinformation and scams, misleading users into believing they were engaging with the authentic company. DeepSeek clarified that it operates only three official accounts – on WeChat, X, and Chinese social media app, RedNote – warning users of imposters charging fees or promoting bogus cryptocurrencies. DeepSeek also alerted users of a fraudulent account on X impersonating its founder, Liang Wenfeng.
Fake Investment and Cryptocurrency Schemes
Researchers encountered deceptive sites that mimic DeepSeek and trick users into scanning QR codes that compromise their crypto wallets. Once users connect their wallets, the QR code leads to financial theft. Scammers also promoted a fake DeepSeekAI agent token, which was identified as a honeypot token, rendering purchased tokens worthless. Another fraud involved a fraudulent site, “deepseek-shares.com,” claiming to sell DeepSeek pre-IPO shares. Since DeepSeek is privately held with no official plans of going public, these scams aim to steal sensitive user information and commit victims to financial fraud.
Fake Bots And Telegram Channels
A scam involving a fake bot page promoting meme tokens falsely associated with DeepSeek, urged users to purchase them. The page also included buttons labeled “CHAT AI” and “PIC AI,” which seemed genuine but instead directed users to fraudulent Telegram bots. The bots then interacted with users, tried to steal their credentials, or tricked them into investing in bogus schemes.
How to Protect Yourself and Your Business
To avoid falling victim to scams exploiting DeepSeek’s popularity, individuals and organizations should take the following precautions:
Verify Sources: Always verify the authenticity of websites, emails, and social media accounts claiming to be affiliated with DeepSeek. Check for official domain names, look for spelling errors or inconsistencies, and contact the company directly if you’re unsure.
Avoid Unofficial Apps and Tools: Only download software or apps from official sources, such as DeepSeek’s website or authorized app stores. Be wary of third-party tools that claim to enhance or integrate with DeepSeek, as these are often fronts for malware.
Educate Yourself and Others: Share knowledge of these scams with your colleagues, friends, and family. If you run a business, ensure that you run phishing simulations and security awareness programs to boost security alertness and secure practices among employees.
Use Strong Security Controls: Implement strong passwords, phishing-resistant multi-factor authentication, and keep software and devices up to date. Deploy cybersecurity tools that can detect malware and phish emails and websites.
Be Skeptical of Unrealistic Promises: Be cautious of claims that DeepSeek or any AI technology can deliver guaranteed results or extraordinary returns with minimal effort.
Report Suspicious Activity: If you encounter a potential scam, report it to relevant authorities, such as your local cybersecurity agency or DeepSeek’s official support team. This can help prevent others from falling victim.
The rapid rise of DeepSeek has brought immense potential for innovation and growth, but it has also created opportunities for scammers to exploit the hype. By understanding the techniques used by threat actors and taking proactive steps to protect themselves, organizations can mitigate the risks and continue to benefit from the transformative power of AI.
